Recently, I'm using Jnetpcap to send/receive raw packet over network.
Jnetpcap provides sending packets by Pcap.sendPacket(). This method gets raw buffer or bytes to send.
On the other hand, there is org.jnetpcap.protocol.* classes which wraps protocol headers, and we can use them to decode captured packets.
When I use below code to make a Ip4 packet, It causes NullPointerException:
import org.jnetpcap.protocol.network.Ip4;
public class Test {
public static void main(String[] args) {
Ip4 ip4 = new Ip4();
ip4.ttl(10);
}
}
Error:
Exception in thread "main" java.lang.NullPointerException
at org.jnetpcap.nio.JBuffer.check(Unknown Source)
at org.jnetpcap.nio.JBuffer.setUByte(Unknown Source)
at org.jnetpcap.protocol.network.Ip4.ttl(Unknown Source)
at jaeger.Test.main(Test.java:17)
How can I build that packet and then send it by Pcap.sendPacket()?
Note: I'm really not interested in preparing packets byte by byte... C/C++ libpcap and Jpcap have working functionality, but I want use Jnetpcap!
1) The code throws an exception because the wrapper classes only work using previously allocated buffers, due the fact that the primary purpose of the library is to analyze buffers of captured packets. So, it's necessary to allocate a buffer before using them.
2) The packets must be builded supplying all necessary bytes. But code can be written so that only a few bytes are really necessary (see above).
3) sendPacket expects an entire packet, a full Ethernet frame. So, Ethernet, IP, TCP headers and Payload must be written to a buffer.
4) The main idea, to allow you to use wrapper classes, is to allocate a buffer and then left the library scan it to discover headers, but a minimum of information (bytes) must be provided.
JMemoryPacket packet = new JMemoryPacket(packetSize);
packet.order(ByteOrder.BIG_ENDIAN);
Ethernet frame needs a protocol type (0x0800) at position 12:
packet.setUShort(12, 0x0800);
packet.scan(JProtocol.ETHERNET_ID);
After scan, an Ethernet instance can be retrieved and setters used:
Ethernet ethernet = packet.getHeader( new Ethernet() );
ethernet.destination(...);
...
IP4 header needs version (0x04) and size (0x05) at position 14:
packet.setUByte(14, 0x40 | 0x05);
packet.scan(JProtocol.ETHERNET_ID);
Ip4 ip4 = packet.getHeader( new Ip4() );
ip4.type(0x06); //TCP
ip4.length( packetSize - ethernet.size() );
ip4.ttl(...);
...
TCP header needs size (0x50):
packet.setUByte(46, 0x50);
packet.scan(JProtocol.ETHERNET_ID);
Tcp tcp = packet.getHeader( new Tcp() );
tcp.seq(...);
...
So, Payload:
Payload payload = packet.getHeader( new Payload() );
payload.set...(...);
...
And finally:
pcap.sendPacket( ByteBuffer.wrap( packet.getByteArray(0, packet.size() ) );
5) All necessary bytes can be written at one time to avoid so many calls to the scan method.